Information Technology (IT) Department
The IT Department is part of the Business Technology organization in the Finance division.
Mission
The IT Department provides or supports the following functions:
- Access requests and role-based access control (RBAC)
- Account password reset and lockout support
- Audit and compliance
- Change management
- Collaborate with Business Technology, People, and Security to implement and support organization-wide best practices for IT and Security related needs.
- Laptop endpoint management and security
- Laptop hardware procurement and repair support
- Laptop software support
- Identity and access management (IAM) and Single-Sign On (SSO)
- Infrastructure management and provisioning
- Onboarding provisioning and new hire support
- Offboarding deprovisioning and data migration
- Software development for internal IT automation
- Security support for Legal, People, and Engineering Security
- Tech stack compliance and oversight
- Team member support for organization-wide technologies with 24x5 timezone coverage
We also provide support for our cross-department system owners for our tech stack applications.
How Can We Help?
This handbook page focuses on how our department operates internally and the initiatives that we are working on.
Are you looking for help with your access requests, infrastructure, laptop, tech stack applications, etc? Please visit our IT Self Service Knowledge Base at /handbook/it.
Not finding what you’re looking for? Please ask in the #it_help Slack channel.
Department Structure
IT Compliance
IT Compliance
Handbook Page
The IT Compliance team works collaboratively with multiple functional teams throughout the GitLab organization. We partner with our Security and Legal teams to identify and manage privacy, data protection risks, and compliance requirements to help meet stakeholder expectations. We also partner with Management, Business Teams, and our Data Team to implement solutions.
IT Security Operations
IT Security Operations
Handbook Page
The IT Security Operations team focuses on reducing the threat landscape and improving our security posture across our tech stack applications while ensuring privacy, data protection, and compliance framework requirements are met. We collaborate closely with the Security department that focuses on the broader scope of the GitLab product and our GitLab.com SaaS offering.
The best practices and policies for team members can be found on the security practices handbook page.
IT Engineering
The IT Engineering sub-department is focused on designing, developing, and implementing automation efficiencies using software and systems to improve GitLab’s business processes, software systems, and cloud infrastructure. Our team members have one or more specialties that they focus on.
Access Management and Single-Sign On (SSO)
Handbook Page
The IT Engineering team implements Okta SSO for our tech stack applications. You can learn more on the Okta handbook page.
The IT Support team handles access requests for the tech stack applications that IT manages. All access requests are created in the same issue tracker project, regardless of which System Owner is responsible for provisioning your user account.
The IT Development team also focuses on Identity and Access Management (IAM) and Role-Based Access Control (RBAC) automation. We are developing GitLab Access Manager (GLAM), a custom application that will replace access request issues and manual provisioning with a streamlined custom web UI and API integration with most of our tech stack applications for user and role provisioning.
IT Development
Handbook Page
The IT Engineering Development team develops custom software applications, automation, APIs and integrations that support internal IT automation for business efficiency and processes managed by the IT department.
Many of our projects focus on providing self service access request provisioning to our tech stack applications and supporting IT Infrastructure services including the Demo Systems and Sandbox Cloud.
We are in the process of creating GitLab Access Manager (GLAM) to provide the next-generation of access request automation across most of our tech stack applications.
IT Infrastructure
Handbook Page
Issue Tracker
The IT Infrastructure team manages AWS and GCP infrastructure that is not related to GitLab.com SaaS production infrastructure and provide managed infrastructure services for other departments, including most ephemeral sandbox infrastructure needs across the company. We also handle access requests for cloud infrastructure and DNS/domain name requests.
We collaborate with the Reliability Engineering (SRE) and Infrastructure Security teams to provide Infrastructure Shared Services for all AWS, Azure, and GCP related requests and support across the organization.
We also provide escalation engineering and triage support for the Security Incident Response Team (“SIRT”) and Security Red Team when security anomalies, events, or incidents require AWS/GCP subject matter expertise.
Our focus is on organizational policy management, access request provisioning, and services that are outside of the Reliability Engineering scope of hosting the GitLab.com SaaS service, such as the provisioning of demo/sandbox/test infrastructure for team members.
The Demo Systems provide an always-on shared sandbox environment for demo and experimental use cases that aren’t intended for or supported on GitLab.com and don’t need dedicated infrastructure to be provisioned for your use case.
The GitLab Sandbox Cloud, powered by HackyStack, automates the provisioning of AWS accounts, AWS IAM users, GCP projects, and GCP users. This has allowed us to automate a large portion of our AWS and GCP access requests.
Tech Stack Application Implementation and Support
Handbook Page
We provide implementation engineering and support for 3rd party tech stack applications that are managed by Business Technology and other non-engineering departments. We usually classify this work as “Engineering Operations” (EngOps).
IT Support
This is also referred to as IT Helpdesk, Team Member Enablement, or Analyst team.
IT Self Service Knowledge Base
Handbook Page
The IT Support team focuses on providing helpdesk support for all of our team members globally with the technologies that are used across the entire organization. These include our collaboration tools (GitLab.com, Google Workspace, Slack, Zoom, etc.), security and compliance tools (1Password, Okta, Jamf, SentinelOne, etc.), laptops and hardware (MacBook Pros, Linux machines, etc.), and most software applications that run on MacOS.
Are you looking for help with your access requests, infrastructure, laptop, tech stack applications, etc? Please visit our IT Self Service Knowledge Base at /handbook/it.
Access Requests
Ask for Help in Slack
You can ask questions or get assistance in the #it_help Slack channel.
Onboarding
Offboarding
FAQ and How-to Guides
Laptop Hardware
Laptop Linux OS
Laptop Mac OS
Laptop Apps
Laptop Data
Initiatives
OKRs
You can see our OKRs in the Business Technology OKR issue tracker.
Initiative Codenames
Our department manages technical projects with a lot of depth and/or breadth that may have a very long descriptive title. This is similar to a confidential project name, however usually has minimal usage outside the IT department and is only for internal initiatives (in collaboration with security teams) to quickly refer to a project as part of our team’s morale since we get excited and rally around codenames.
All issues related to these projects exist in internal only projects by default due to security risks. Any public information is linked in the handbook.
We use animated movie and theme park references. We are careful to avoid trademarks and verify wider adoption in the industry.
| Initiative Codename | Description |
|---|---|
| FastPass | Implementation of next-gen access request automation with GitLab Access Manager (GLAM) and migration of existing access request processes, baseline entitlements, and job role entitlements |
| Scare Floor | Offboarding Scripts and monitoring alerts |
| Teacups | RBAC architecture for Job Family and Department Group with Google Drive permissions |
| Hercules | SSO/SCIM migration for tech stack applications |
| Wristband | Separate IAM user accounts color-based classifications for contractors, team members, service accounts, elevated admin accounts, etc. |
Who We Are
Leadership Team
| Name | Role | Business Engagement Focus Areas |
|---|---|---|
| Rob Rea | Senior Director, IT Operations | Assets, Security, Tech Stack Vendors, Compliance, Helpdesk, etc. |
| Peter Kaldis | Senior Manager, IT Systems Engineering | Access Manager, Okta, Google, IT Engineering, Infrastructure |
| Michael Beltran | Senior Manager, IT End User Services | End User Services IT Manager |
| Eric Rubin | Senior Manager, IT Security Operations | Endpoint Security, Okta, Nira |
| Derek Isla | Manager, IT Compliance | IT Compliance |
IT Support Team
| Name | Role | Timezone Coverage |
|---|---|---|
| Steve Ladgrove | Senior IT Helpdesk Analyst | APAC |
| Jenny Wong | IT Helpdesk Analyst | AMER |
| Jeff Ford | IT Helpdesk Analyst | AMER |
| Alex Krusiec | IT Helpdesk Analyst | AMER |
| Mic Rohr | IT Helpdesk Analyst | AMER |
| Max Hirata | IT Helpdesk Analyst | APAC |
Engineering Team
| Name | Role | Focus Areas (Specialties) |
|---|---|---|
| Jeff Martin | Staff IT Systems Engineer | Development, Engineering Mgmt, Infrastructure, Demo Systems, Security, Support |
| Marcus Whitaker | Senior IT Systems Engineer | Access Management, Okta, Operations |
| Dillon Wheeler | IT Systems Engineer | Development, Google, Security |
| Mohammed Al Kobaisy | IT Systems Administrator | Infrastructure, Operations, Support |
| Vlad Stoianovici | Senior IT Site Reliability Engineer | Infrastructure, Operations, Support |
IT Compliance Team
| Name | Role |
|---|---|
| Sarah Pang | Senior IT Compliance Engineer |
Cross-Department System Owners
As GitLab has grown organically, several departments and functional groups have their own System Administrators (“System Owners”) to handle day-to-day management of the tech stack applications that are specific to that department or functional group.
See the Business Technology handbook page to learn more about system owners.
ff74946e)
